From c8b60a6aa513dea22660928aa0c6c6c5003d454a Mon Sep 17 00:00:00 2001
From: "Zed A. Shaw" <zed.shaw@gmail.com>
Date: Mon, 8 Sep 2025 12:43:30 -0400
Subject: [PATCH] Sessions are keyed by a session_id so we can just store
 anything. Adding the user_id for later authorization stuff.

---
 api/auth.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/api/auth.go b/api/auth.go
index 6b195c7..31de099 100644
--- a/api/auth.go
+++ b/api/auth.go
@@ -112,8 +112,8 @@ func PostApiLogin(c *fiber.Ctx) error {
     sess, err := STORE.Get(c)
     if err != nil { return IfErrNil(err, c) }
 
-    // BUG: THIS IS A BIG NO NO, just for getting going
     sess.Set("authenticated", true)
+    sess.Set("user_id", user.Id)
     sess.Set("admin", IsAdmin(&user))
     err = sess.Save()
     if err != nil { return IfErrNil(err, c) }